July, 2009

  • Microsoft Security Advisory 972890 Released

    I wanted to let you know that we have just posted Microsoft Security Advisory 972890 that discusses new, limited attacks against a Microsoft Video ActiveX Control affecting Windows XP and Windows Server 2003. Specifically, we’re aware of a code execution vulnerability within this control that can enable an attacker to run code as the logged-on user if they browse to a malicious site. We have an investigation into this issue under way as part of our Software Security Incident Response...